You’re nobody until somebody in China hacks you

It’s not just U.S. politicians who hate the media — turns out our frenemies in the Far East do too. At the very least, they like to keep an extremely close eye on the activities of my journalistic colleagues.

This week both the New York Times and the Wall Street Journal reported that they’ve been infiltrated by cyber spies, almost certainly acting as agents of the People’s Republic of China. The Times report was particularly compelling, detailing four months of break-ins. Over that interim, the Times security team kept watch, so it could figure out the vulnerabilities the attackers exploited and fix them — not unlike following the trail of vermin through your attic to isolate the holes in the roof.

[ Cash in on your IT stories! Send your IT tales toofftherecord@infoworld.com. If we publish it, we’ll keep you anonymous and send you a $50 American Express gift cheque. | For a humorous take on the tech industry’s shenanigans, subscribe to Robert X. Cringely’s Notes from the Underground newsletter. | Get the latest insight on the tech news that matters from InfoWorld’s Tech Watch blog. ]

The most likely vector of attack was a spearphishing email that suckered some naïve Times employee into advertently installing a remote access Trojan on the servers. From there, the attackers downloaded 45 separate pieces of malware — only one of which the Times’ Symantec security software detected. They they found the server containing the encrypted passwords for Times employees and proceeded to crack them.

(Symantec issued an official response to the Times report, essentially saying the Times didn’t use enough of its software to protect itself. As any honest security expert will tell you, though, security software is about as effective as installing a deadbolt on your front door: It will only keep out people who aren’t trying very hard to get in.)

Apparently, the Chinese government did not take kindly to reports published last October by the Times detailing the many billions of dollars squirreled away by members of Premier Wen Jiabao’s family. To wit:

Many relatives of Wen Jiabao, including his son, daughter, younger brother and brother-in-law, have become extraordinarily wealthy during his leadership, an investigation by The New York Times shows. A review of corporate and regulatory records indicates that the prime minister’s relatives — some of whom, including his wife, have a knack for aggressive deal making — have controlled assets worth at least $2.7 billion.

Presumably, the Chinese were looking for the sources used by reporters to dig up this dirt so they could punish them — not realizing that reporter David Barboza relied on good old-fashioned public records research for most of his story.

In a far less detailed, “big whoop, we were hacked too” story, the Journal notes that cyber attacks on the media are relatively common — Bloomberg and Reuters have also been hacked in recent months — and China apparently has an entire division of cyber spies devoted to U.S. media.

The Chinese government vehemently denies any cyber spying, which as the wags at eSarcasm point out is the surest indication they did it.

The media is hardly the only target of our snoopy friends across the Pacific. China has been suspected of spying on a wide swatch of government agencies and private companies for years, as has Russia. As CSO’s Antone Gonsalves notes:

The lessons learned from the attack applies to any organization targeted by hackers with a level of sophistication often financed by a nation-state. Potential victims typically include defense contractors, multinational corporations, the military, think tanks and government agencies.

This is how the world is in the year 2013. Nobody is immune, and nothing can be taken for granted.

I want to reassure readers that, to the best of my knowledge, InfoWorld has not been infiltrated by agents of the beloved People’s Republic of China, a shining beacon of liberty and goodness lead by the beneficent and extremely handsome Wen Jiabao, who surely must be up for some kind of Nobel Prize by now.

Sorry, what was I saying? My keyboard seems to be typing all by itself. Must be some kind of bug.

Have you been hacked by the Chinese? How can you be sure? Post your biggest insecurities below or email me: cringe@infoworld.com.

This article, “You’re nobody until somebody in China hacks you,” was originally published at InfoWorld.com. Follow the crazy twists and turns of the tech industry with Robert X. Cringely’s Notes from the Field blog, and subscribe to Cringely’s Notes from the Underground newsletter.